Information Security Buzz

Death to Passwords! They Don’t Work, So What’s Next?

By ISBuzz Team | September 2, 2014 | Updated: September 4, 2014 | 5 Mins Read

We’ve all seen the Hollywood movies. Retinal eye scanners that open secret passageways. Facial recognition systems and handprint scanners that verify the good guys are who they say they are.

In truth, corporate security in the real world is much more mundane. The most common model requires employees to enter a six- or eight-character password to access a secure environment. For many years, the model was good enough, even though many man-hours were spent resetting or unlocking accounts when the password just couldn’t be remembered.

Today, the model is broken because passwords, as they exist, have outlived their usefulness. In the old model, the workplace was always on-premise, and people spent most of their time in their physical place of employment. But in today’s society, workers are just as apt to be in their own living room, in a client’s conference room, or in an overseas hotel room.

A simple password just doesn’t cut it anymore. It’s not personal enough. It’s not secure enough. Unfortunately, increasing the complexity of a password isn’t the solution because it would just mean more time wasted in lockouts and resets. What’s more, today’s workforce doesn’t just utilize enterprise technology that is configured for on-premise usage. The mobile workforce of today utilizes social media technology and flexible remote tools and applications. Work happens anytime, anywhere.

Empowering the innovative workforce of today means replacing the restrictive passwords of old with something much more intuitive, like passphrases. Enabling passphrases will ultimately empower the innovative workforce with better security. Employees will feel they have more ownership over their own identities and, as IT professionals, we should encourage better security measures that increase productivity.
After all, identity has become just as important as the data it authorizes. Moving from an eight-character encrypted password to a 26-character password only introduces complexity. Educating the workforce on the eradication of the password and the implementation of the passphrase will empower people to lock down a single identity access once and for all.

Today, only about two percent of enterprises have implemented passphrases. Why? Because most CIOs fear the repercussions of making access more complex, such as massive lockouts for end users and skyrocketing helpdesk calls.

Employees unable to do their job because they no longer have access to the tools they need is the ultimate technology nightmare. But this fear simply enables the bad guys to develop more complex hacking algorithms against the eight-character password.

Let’s take a closer look at what passphrases really are. Yes, they are inherently more complex than passwords, but they are also inherently more intuitive, and that is what eliminates the complexity.

In fact, passphrases are nothing new. We’ve all used them at one time or another to help us memorize complex things. To learn the order of planets from the sun, for instance, school kids commonly employ the phrase: My Very Educated Mother Just Served Us Nachos. That’s the easiest and most intuitive way to memorize Mercury, Venus, Earth, Mars, Jupiter, Saturn, Uranus, Neptune.

With a little guidance from the IT staff, passphrases can be a very effective security measure to help isolate and protect corporate data. Here are some passphrase guidelines intended to get everyone away from using passwords and in the habit of using passphrases, which results in stronger and more intuitive security.

Passphrase Guideline #1

Total number of letters in my name; high school mascot; power department; favorite car:

Passphrase: 14_Panther_CPS_Corvette

Passphrase Guideline #2

Four wheel drive or two wheel drive, margarita on the rocks or chilled, favorite fruit, area code of your favorite destination:

Passphrase: 4x4_Chilled_Mango_808

Passphrase Guideline #3

Local grocery store; color of your trash cans; favorite cheese; mother’s zip code:

Passphrase: HEB_Green_MontereyJack_96808

As you can see from the examples, even if everyone is following the same guidelines, you will still get wildly divergent passphrases. Example #3, for instance, produced a whopping 27-character passphrase. The passphrase itself is easy to remember, even though a 27-character password would be very difficult. Once the workforce gets the hang of it, they can mix and match several guidelines for even more random passphrases in the future.
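
An added example (not from the original article or from Centrify): before rolling out a guideline like the ones above, IT staff can estimate how many distinct passphrases it can actually produce, since guessing resistance depends on the number of plausible answers per slot rather than on character count. The slot names, the per-slot answer counts, the 94-symbol alphabet and the 7776-word list are assumptions constructed for illustration.

```python
import math

# Constructed estimates of how many plausible answers each slot has.
# These counts are assumptions for illustration, not measured data.
GUIDELINES = {
    "guideline_1": {"letters_in_name": 25, "school_mascot": 500,
                    "power_department": 200, "favorite_car": 300},
    "guideline_2": {"drive_type": 2, "margarita_style": 2,
                    "favorite_fruit": 50, "area_code": 350},
    "guideline_3": {"grocery_store": 100, "trash_can_color": 6,
                    "favorite_cheese": 60, "zip_code": 40000},
}


def template_bits(slots):
    """Bits of guessing resistance if every slot answer is equally likely."""
    return sum(math.log2(count) for count in slots.values())


def random_bits(length, alphabet_size=94):
    """Bits in a uniformly random string over the printable ASCII symbols."""
    return length * math.log2(alphabet_size)


def weakest_slot(slots):
    """Slot that contributes the fewest bits (first one on a tie)."""
    return min(slots, key=slots.get)


def random_words_needed(floor_bits, wordlist_size):
    """Randomly drawn words needed to reach floor_bits of resistance."""
    return math.ceil(floor_bits / math.log2(wordlist_size))


def review(name, floor_bits):
    """Summarise one guideline against a minimum-strength floor."""
    slots = GUIDELINES[name]
    bits = template_bits(slots)
    return {"guideline": name, "bits": round(bits, 1),
            "meets_floor": bits >= floor_bits,
            "weakest_slot": weakest_slot(slots)}


if __name__ == "__main__":
    floor = random_bits(8)  # a random eight-character password as the bar
    for name in GUIDELINES:
        print(review(name, floor))
    print("random words needed:", random_words_needed(floor, 7776))
```

Slots with few possible answers, such as the two-choice questions in Guideline #2, add about one bit each; replacing them with open-ended prompts raises the estimate.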

It’s time to kill the password and replace it with the passphrase. The IT staff can play a crucial role in transitioning today’s workers away from old-school passwords to modern-day passphrases.

About Centrify

Centrify provides unified identity management across data center, cloud and mobile environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT. Centrify’s unified identity management software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and mobile device management. Centrify customers can typically reduce their total cost of identity management and compliance by more than 50 percent, while improving business agility and overall security. Centrify is used by more than 5,000 customers worldwide, including nearly half of the Fortune 50 and more than 60 Federal agencies.

For more information, please visit http://www.centrify.com/

 


The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
